kb-health
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is instructed to execute a local Python script (../obsidian-notes-karpathy/scripts/lint_obsidian_mechanics.py) to establish a baseline for its health checks, introducing a dependency on external script execution.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and processing data from numerous files within the wiki.
  - Ingestion points: Files located in wiki/live/, wiki/briefings/, outputs/qa/, outputs/content/, outputs/reviews/, and outputs/health/.
  - Boundary markers: Absent; the agent lacks instructions to ignore potential commands embedded in analyzed wiki content.
  - Capability inventory: The agent is authorized to write file reports and perform mechanical fixes in several directories, as well as execute a maintenance script.
  - Sanitization: No content sanitization or validation is specified before processing or modifying data.
Audit Metadata